Overview
- Description
- A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 3.3
- Impact score
- 1.4
- Exploitability score
- 1.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8227C8AC-7AAC-4DD1-A998-81595B0352DE"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.3.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6982E71E-FD79-47A5-8060-56499F7D00B5"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE37CE11-6A58-4058-B3A0-5A223DC5601B"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E747BF22-8A13-4073-967F-0C28055B2A45"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9B95F0E-F10A-4A0A-B675-73AD50A552B2"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42AC5772-6E74-4B9C-815F-ED8C265FED53"
}
],
"operator": "OR"
}
]
}
]